The postfix service must be enabled for mail delivery.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| RHEL-06-000287 | RHEL-06-000287 | RHEL-06-000287_rule | Low |
| Description |
|---|
| Local mail delivery is essential to some system maintenance and notification tasks. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2013-02-05 |
Details
| Check Text ( C-RHEL-06-000287_chk ) |
|---|
| To check that the "postfix" service is disabled in system boot configuration, run the following command: # chkconfig "postfix" --list Output should indicate the "postfix" service has either not been installed, or has been disabled at all runlevels, as shown in the example below: # chkconfig "postfix" --list "postfix" 0:off 1:off 2:off 3:off 4:off 5:off 6:off Run the following command to verify "postfix" is disabled through current runtime configuration: # service postfix status If the service is disabled the command will return the following output: postfix is stopped If the service is not enabled, this is a finding. |
| Fix Text (F-RHEL-06-000287_fix) |
|---|
| The Postfix mail transfer agent is used for local mail delivery within the system. The default configuration only listens for connections to the default SMTP port (port 25) on the loopback interface (127.0.0.1). It is recommended to leave this service enabled for local mail delivery. The "postfix" service can be enabled with the following command: # chkconfig postfix on |